Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
File: 2270e26b-c2b1-4cc3-800b-33825c0d723b.roa (raw, json)
Hash identifier: TyPNb1LoBDa6if/uKeolLGNcCXYjtsrbosd2haotzr8=
Subject key identifier: 5D:A6:34:D5:30:F5:D5:E6:B1:B6:4D:94:45:72:7B:27:74:AC:F0:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E8A81138982E89F7EFCCCF947B2E1A102D4255A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
Signing time: Mon 01 Sep 2025 21:01:00 +0000
ROA not before: Mon 01 Sep 2025 21:01:00 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:8a:81:13:89:82:e8:9f:7e:fc:cc:f9:47:b2:e1:a1:02:d4:25:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:00 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6464a4b86867ba161a5e64e7e15168074161e63e9f813e1afc0a9bb6e83c276e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1a:fa:b3:62:72:e1:7c:99:42:75:f4:e6:39:
15:2d:29:00:f8:28:06:04:f8:46:ca:83:5f:53:25:
0b:27:cf:07:82:19:5c:91:0d:d2:1e:14:1c:f3:d1:
3a:81:4a:e0:d6:97:f3:4b:67:d4:f7:34:a6:c1:82:
16:96:e1:51:61:32:f4:22:63:0e:80:ba:69:50:fe:
04:5e:58:41:66:e5:50:fd:08:66:72:75:5b:86:3b:
48:9b:ad:f6:75:4b:8e:51:b8:23:c3:fb:36:1c:f4:
da:e3:d3:cd:20:03:29:bb:d3:7a:e4:c8:b8:4e:12:
7d:42:14:b1:b9:ef:0e:84:c3:95:7e:42:bd:27:21:
8b:02:a7:0b:8e:9d:99:f8:f4:3b:4f:2f:0d:f5:d6:
af:22:c0:18:bd:4e:7f:36:98:c1:66:2f:cd:a1:f6:
3c:49:92:97:50:e8:f2:b7:58:b0:3d:c5:ae:a2:4e:
e9:b9:ce:7d:86:24:e1:54:e1:72:eb:0a:56:24:7a:
de:11:75:18:3a:23:89:99:a1:85:cb:dc:bf:17:30:
80:f1:a5:e6:0b:82:18:58:ba:eb:88:3a:aa:ba:bc:
7c:26:58:90:24:1b:8f:e7:ec:d8:a0:01:b6:e1:84:
67:1a:ea:3f:59:35:5a:58:71:62:fd:5f:1c:e2:e0:
55:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A6:34:D5:30:F5:D5:E6:B1:B6:4D:94:45:72:7B:27:74:AC:F0:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
88:57:36:06:e4:ac:32:9b:ac:be:98:0a:3c:f6:66:75:40:0b:
d6:53:49:87:26:fb:f7:75:7d:60:5a:54:11:65:72:d5:b5:fa:
7c:90:84:62:4f:1b:b3:7a:48:b6:8a:cc:48:76:de:50:22:9b:
01:80:80:8f:f0:9a:c3:6b:11:51:80:7e:54:57:1f:28:c6:d4:
27:8d:66:aa:4a:62:c2:41:87:97:65:ef:ad:57:9d:e4:4b:39:
c5:28:54:c3:e9:59:00:08:da:28:15:69:49:7a:c8:81:2a:13:
51:24:8f:5a:dc:d0:ac:a8:5e:80:8e:43:60:2d:72:73:6c:b3:
0d:18:9a:52:d7:09:44:39:7b:23:e7:32:b0:aa:13:11:b8:83:
1a:e0:73:38:a5:0f:45:95:24:8f:5f:10:6a:14:f1:6e:b4:3c:
b7:6d:76:1b:bd:2b:8d:52:03:65:59:17:4b:69:e0:08:fd:35:
5c:7b:55:84:d8:04:84:fc:64:86:73:c2:72:88:06:b0:23:2d:
02:57:c1:4e:a5:81:9a:c5:bf:06:9d:13:f9:05:b4:a6:52:b8:
03:54:5e:c8:8b:36:e0:4e:a8:5a:0c:ae:34:67:8d:60:ad:64:
f7:23:0e:72:fc:c0:f5:56:8b:32:34:35:63:7e:a5:e8:9f:4d:
26:26:99:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPoqBE4mC6J9+/Mz5R7LhoQLUJVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NjRhNGI4Njg2N2JhMTYxYTVlNjRlN2UxNTE2ODA3NDE2MWU2M2U5Zjgx
M2UxYWZjMGE5YmI2ZTgzYzI3NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAa+rNicuF8mUJ19OY5FS0pAPgoBgT4RsqDX1MlCyfPB4IZXJEN0h4UHPPR
OoFK4NaX80tn1Pc0psGCFpbhUWEy9CJjDoC6aVD+BF5YQWblUP0IZnJ1W4Y7SJut
9nVLjlG4I8P7Nhz02uPTzSADKbvTeuTIuE4SfUIUsbnvDoTDlX5CvSchiwKnC46d
mfj0O08vDfXWryLAGL1OfzaYwWYvzaH2PEmSl1Do8rdYsD3FrqJO6bnOfYYk4VTh
cusKViR63hF1GDojiZmhhcvcvxcwgPGl5guCGFi664g6qrq8fCZYkCQbj+fs2KAB
tuGEZxrqP1k1WlhxYv1fHOLgVYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdpjTV
MPXV5rG2TZRFcnsndKzwZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjI3MGUyNmItYzJiMS00Y2MzLTgwMGItMzM4MjVjMGQ3MjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCIVzYG5Kwym6y+mAo89mZ1QAvWU0mHJvv3dX1g
WlQRZXLVtfp8kIRiTxuzeki2isxIdt5QIpsBgICP8JrDaxFRgH5UVx8oxtQnjWaq
SmLCQYeXZe+tV53kSznFKFTD6VkACNooFWlJesiBKhNRJI9a3NCsqF6AjkNgLXJz
bLMNGJpS1wlEOXsj5zKwqhMRuIMa4HM4pQ9FlSSPXxBqFPFutDy3bXYbvSuNUgNl
WRdLaeAI/TVce1WE2ASE/GSGc8JyiAawIy0CV8FOpYGaxb8GnRP5BbSmUrgDVF7I
izbgTqhaDK40Z41grWT3Iw5y/MD1VosyNDVjfqXon00mJpmd
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:20 2025 by rpki-client